Start Consul Injector failed on GKE

Hi, I’m following the Consul on Kubernetes guide, but it doesn’t work on GKE.

  1. Create a GKE cluster.
  2. Follow guide to run commands:
$ kubectl get pods --namespace consul --selector app=consul

# Output
consul-client-bzhrg                            1/1     Running            0              7m50s
consul-client-mtwcc                            1/1     Running            0              7m50s
consul-client-rmvwf                            1/1     Running            0              7m51s
consul-connect-injector-6cc7b6dfc6-dqsr5       0/1     CrashLoopBackOff   6 (87s ago)    7m49s
consul-connect-injector-6cc7b6dfc6-mdd4b       0/1     CrashLoopBackOff   6 (80s ago)    7m50s
consul-controller-8566c58cfb-f7fmg             0/1     CrashLoopBackOff   6 (106s ago)   7m51s
consul-server-0                                1/1     Running            0              7m50s
consul-webhook-cert-manager-6b884459f4-9n76x   1/1     Running            0              7m51s
  1. Describe the CrashLookBackOff Pod
$ kubectl describe pod consul-connect-injector-6cc7b6dfc6-mdd4b -n consul

# Output
  Type     Reason       Age                     From               Message
  ----     ------       ----                    ----               -------
  Normal   Scheduled    9m5s                    default-scheduler  Successfully assigned consul/consul-connect-injector-6cc7b6dfc6-mdd4b to gke-gke-consul-test-default-pool-f1d49ce2-nnm6
  Warning  FailedMount  8m49s (x6 over 9m5s)    kubelet            MountVolume.SetUp failed for volume "certs" : secret "consul-connect-inject-webhook-cert" not found
  Normal   Pulling      8m25s                   kubelet            Pulling image "hashicorp/consul-k8s-control-plane:0.45.0"
  Normal   Pulled       8m18s                   kubelet            Successfully pulled image "hashicorp/consul-k8s-control-plane:0.45.0" in 7.241196963s
  Normal   Created      7m53s (x3 over 8m18s)   kubelet            Created container sidecar-injector
  Normal   Pulled       7m53s (x2 over 8m16s)   kubelet            Container image "hashicorp/consul-k8s-control-plane:0.45.0" already present on machine
  Normal   Started      7m52s (x3 over 8m18s)   kubelet            Started container sidecar-injector
  Warning  Unhealthy    7m51s (x2 over 8m17s)   kubelet            Startup probe failed: Get "": dial tcp connect: connection refused
  Warning  BackOff      3m56s (x38 over 8m14s)  kubelet            Back-off restarting failed container

I guess the failed reason is because of using GKE instead of Kind/Minikube on local, but any hints on how to fix this issue?

@juzhiyuan I am facing the same issue, you found a way to fix this ?